SSO issue on embedded framework

We are having issue logging in with ‘G Suite’ via embedded framework with the error ‘accounts.google.com refused to connect’ It seems to be google doesn’t allow the sign-on window to be embedded?

So I update the framework.js to set ‘ dedicatedLoginWindow ’ to true and add ‘ https://apps.mypurecloud.com/crm/authWindow.html' as Authorized redirect URIs in our OAuth Client as described in the document

https://developer.inindca.com/api/embeddable-framework/configMethods/settings.html

SSO object like this in framework.js

sso: {

provider: "gsuite",

orgName: “ourOrgName”

},

It works when our iframe url point to local environment like this (There is a separate login window popped up and I am able to login via ‘G-Suite')

< **iframe allow="camera *; microphone ; autoplay " src="https://apps.mypurecloud.com/crm/index.html?crm=framework-local-secure" width="100%" height="100%" ></ iframe >

But when I switch the url to point to our PureCloud with the same settings (framework.js) , it doesn’t seem to be working - the login window is still embedded.

< **iframe allow="camera *; microphone ; autoplay " src="https://apps.mypurecloud.com/crm/embeddableFramework.html?enableFrameworkClientId=true " width="100%" height="100%" ></ iframe >

Not sure if there is something I am missing , any help would be appreciated

Hi Rachel,

Could you try adding a parameter called dedicatedLoginWindow=true in the URL?

https://apps.mypurecloud.com/crm/embeddableFramework.html?enableFrameworkClientId=true&dedicatedLoginWindow=true

Junji

Thank you Juji. That works. It wasn't clear to me that I would need to add this in the url as well.

Rachel,

It's good to hear that it's working!
We'll update the documentation.
Thank you for pointing this out.

Junji

Hi Juji,
I have a followup question regarding the separate login window on iframe. Hope you can help us

As you pointed our, by adding dedicatedLoginWindow=true to iframe url prompts a separate login window. However the login window becomes embedded after we logging user out via
https://login.mypurecloud.com/logout?client_id=<your client id>&redirect_uri=<a registered redirect for your app>

It only works if user clicks on 'Logout' button via iframe.

Is there a way we can automatically log user out of PureCloud without losing the separate login window? thanks

By changing from
dedicatedLoginWindow: true
to
dedicatedLoginWindow: (() => {
let dedicatedLoginWindow = new URLSearchParams(window.location.search).get('dedicatedLoginWindow');

if(dedicatedLoginWindow == null) return true;

dedicatedLoginWindow = (dedicatedLoginWindow == 'true')? true : false;

return dedicatedLoginWindow;
})(),

seems to be working after automatically logging out user

with iframe url pointing to
https://apps.mypurecloud.com/crm/embeddableFramework.html?enableFrameworkClientId=true&dedicatedLoginWindow=true

I am just wondering why by setting dedicatedLoginWindow to true in framework.js does not always work as expected

Hi Rachel,

Thanks for providing additional information.
I'm still trying to understand what you're trying to do.

Are you trying to log the user out programmatically by redirecting the user to https://login.mypurecloud.com/logout?client_id=<your client id>&redirect_uri=<a registered redirect for your app> (by changing window.location.href value) on a certain event such as when you receive a specific message from a parent window while retaining dedicatedLoginWindow option?

If so, in the current implementation, a way to programmatically log the user out of private embeddable framework (while retaining the dedicatedLoginWindow option) is not really supported yet. We can throw something in our backlog to prioritize our work.

Please let me know if you have any additional questions.

Junji

Yes, We are trying to log user out programmatically by redirecting the user to https://login.mypurecloud.com/logout?client_id=<your client id>&redirect_uri=<a registered redirect for your app> while retaining the dedicatedlogin window

I will mention to our team that this isn't supported yet. Thanks for the clarification

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.